I'm at Catalyst today, sitting in the Identity and Privacy Strategies (IPS) track. Jamie Lewis (Burton Group CEO) is giving the keynote. It's telling, I think, that Jamie's here and not at one of the other tracks. The IPS track is in a large ballroom and the place is packed. Jamie's mostly talking about why identity management (IdM) is important now and what's driving it. Some interesting points:

Interoperable IdM must be an integral service on any enterprise service bus.

Most vendor suites, at this point, are suites in name only. Lots of integration needs to be done past changing the brand.

Vendors are arguing about roads rather than building cars to run on those roads.

The most optimistic scenario is that open source solutions (the roads) will take five years to emerge.

Jamie sees some inhibitors and variables such as security has rewards, but the cost outweighs the risks in many cases. Identity can enable security.

Identity for the Internet has to be part of the puzzle. The lack of a cohesive identity system for the Internet is a problem we have to solve because it's impeding growth.

The top-down sysadmin view of IdM won't scale for the Net. Poly-centrism is important here.

So, what should you be doing now? Jamie had the following advice:

Relate the problem to your core business objectives. There are five drivers : cost containment, operational efficiency, business needs, regulatory compliance, and risk management.

Begin by cleaning your own identity house. Look at how you use identity. 80% of the problem is politics and business. No one technology can solve all your problems. Take an architectural approach (this would have been a great point to plug my book, Jamie!)

Carefully scope the problem and don't try to boil the ocean. Manage expectations. Pick projects with an early demonstrated ROI.